The "Middle East and Terrorism" Blog was created in order to supply information about the implication of Arab countries and Iran in terrorism all over the world. Most of the articles in the blog are the result of objective scientific research or articles written by senior journalists.

From the Ethics of the Fathers: "He [Rabbi Tarfon] used to say, it is not incumbent upon you to complete the task, but you are not exempt from undertaking it."

?php
>

Sunday, May 14, 2017

Global hacking for ransom hits 99 countries - debkaFile

Nearly 100 countries were struck Friday, May 12, by cyber
extortionists believed to be using a tool stolen from the US NSA to
infect the computers of some 75,000 victims, mainly in Britain, Spain,
Russia, Ukraine and Taiwan. In the biggest global ransom cyberassault
known to date, unknown hackers tricked victims into opening malicious
malware attachments to spam emails that appeared to contain invoices,
job offers, security warnings and other legitimate files. They demanded
ransom payments of $300 to $600 to restore access – some victims paid up
in the digital bitcoin currency.

In April, a group calling itself the Shadow Brokers reportedly stole
the tool from the NSA but it may have spread to other hackers.

The most disruptive attacks were reported in Britain where dozens of
hospitals and clinics had to turn away patients. In Russia, they
targeted the Home Ministry and many police stations across the country.

Only a small number of US-headquartered organizations were hit
because the hackers appear to have begun the campaign by targeting
organizations in Europe, said Vikram Thakur, research manager with
security software maker Symantec. By the time they turned their
attention to the United States spam filters had identified the new
threat and flagged the ransomware-laden emails as malicious. The US
Homeland Department offered to share information with domestic and
foreign partners.

Private security firms identified the ransomware as a new variant of
"WannaCry" that had the ability to automatically spread across large
networks by exploiting a known bug in Microsoft's Windows operating
system.

Spanish authorities confirmed the ransomware is spreading through the
vulnerability, called "EternalBlue," and advised people to use an
updated Microsoft patch issued in March.

Kaspersky Lab says that although the WannaCry ransomware can infect
computers even without the vulnerability, EternalBlue is "the most
significant factor" in the global outbreak. It has a 'hunter' module,
which seeks out PCs on internal networks. "So, for example, if your
laptop is infected and you went to a coffee shop, it would spread to PCs
at the coffee shop. From there, to other companies."

"This is one of the largest global ransomware attacks the cyber
community has ever seen," said Rich Barger, director of threat research
with Splunk, one of the firms that linked WannaCry to the NSA.

debkaFileSource: http://debka.com/article/26053/Global-hacking-for-ransom-hits-99-countries Follow Middle East and Terrorism on TwitterCopyright - Original materials copyright (c) by the authors.